H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication

H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication

H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Abstract

The invention discloses an accessory, electronic equipment and an accessory authentication implementation system. The accessory comprises an encryption chip, the encryption chip comprises a first storage module, wherein the first storage module is used for storing a private authentication key and a hybrid authentication key at least composed of a public authentication key and a pseudo-key according to a preset rule to enable a processing module of the electronic equipment to at least extract the public authentication key from the hybrid authentication key according to an algorithm matched with the preset rule when the electronic equipment is physically connected with the accessory, and the public authentication key is used for authenticating the accessory. By means of said mode, the accessory is capable of improving the key safety so as to improve the accessory use safety and reliability of the electronic equipment.

Description

[0001] 本发明涉及电子技术领域，特别是涉及一种配件、电子设备及实现配件认证的系统。 [0001] The present invention relates to electronic technologies, and particularly relates to an accessory, the electronic device and system implementation accessory authentication.

背景技术 Background technique

[0002] 电子设备例如手机或平板等在日常使用过程中，常常会用到相关的配件(包括附件)，例如需要和充电器连接以进行充电，和数据线连接以进行数据传输，和耳机连接以进行接听等。 [0002] Electronic devices such as mobile phones or tablet like in daily use, often use related accessories (including attachments), such as the need and the charger is connected for charging, and a data line connected to data transmission, and the headset is connected for answering and so on.

[0003] 但是，当电子设备在连接并使用配件时，如果配件的质量不合格，有可能会损坏电子设备，甚至会引起人身伤亡等重大事故的发生。 [0003] However, when the electronic device connection and use the accessories, if the quality of parts failure, there may be damage to electronic equipment, or even cause major accidents personal injury and so on.并且，越来越多的非正规厂家为了谋取暴利而使用劣质材料或不严格的工艺制程来生产配件，导致配件的质量难以得到保证，一旦使用这些非法厂家生产的不合格配件，更容易损坏电子设备，或者造成重大伤亡事故。 And, more informal manufacturers in order to reap profits used inferior materials or less stringent process technology to produce parts, leading to mass assembly is difficult to be guaranteed, once the use of these illegal manufacturers failed parts, more prone to damage electronic equipment, or cause serious injury or death.据资料显示，由于使用不合格的充电器充电时发生漏电致人死亡或导致电子设备损坏、燃烧等事件时有发生，给电子设备用户带来了极大的风险和安全隐患。 According to statistics, as occurs when charging the use of substandard charger has occurred leakage to cause death or cause electronic equipment damage, burning and so on, to the electronic device users a great risk and security risks.

[0004] 为了解决上述技术问题，现有技术中，在电子设备使用配件之前，通常先对配件进行认证以确认配件是否为合法配件。 [0004] In order to solve the above problems, the prior art, before the electronic equipment parts, usually the first of accessories for authentication to confirm that the accessories are legitimate parts.当配件通过认证时，则电子设备正常使用配件的功能，如果配件认证失败，则电子设备与配件不进行功能性连接，即不使用该配件，由此确保电子设备能够使用合法的配件。 When the accessory is authenticated, the electronic device in normal use accessory function, if the accessory authentication fails, the electronic device and accessories are not functionally connected to, i.e. does not use the fitting, thus ensuring that the electronic device can be used legally accessories.现有对配件的认证方法中，通常采用非对称加密算法对配件进行认证。 Conventional authentication methods fitting generally employed asymmetric encryption algorithm for components authentication.非对称加密算法中需要两个密钥，公钥和私钥，当采用公钥进行加密时，只有通过配对的私钥才能进行解密，当采用私钥进行加密时，只有配对的公钥才能够解密。 Asymmetric encryption algorithm requires two keys, public and private, when using public key encryption, only be decrypted by the private key can be matched, when using private key encryption, only the paired public key to be able to decryption.公钥是对外公开的，而私钥只有解密方知道。 The public key is open to the public, while the private key is only decrypted party knows.

[0005] 然而，公钥和私钥一般都是直接存储至存储器中的安全部分，即现有技术中通常不会对公钥和私钥进行任何处理，使用公钥和私钥进行加解密时只需要从存储器中直接获取即可，这种存储方式使得公钥和私钥的安全级别降低，极容易被黑客破解密钥，尤其是公钥一旦被黑客破解，将可能导致配件的整个认证发生错误，有可能出现将不合法的配件认证为合法配件的现象。 When [0005] However, public and private keys are generally safe moiety is directly stored in the memory, i.e., generally not public and private key for any treatment prior art, using public and private encryption and decryption just from memory direct access to this storage makes public key and private key security level lower, very easy to crack the key hacking, especially the public once the hack, may result in parts of the entire authentication occur error, there may be unlawful accessories certified as legitimate parts of the phenomenon.

发明内容 SUMMARY

[0006] 本发明主要解决的技术问题是提供一种配件、电子设备及实现配件认证的系统，能够提高密钥的安全级别，以提高电子设备使用配件时的安全性和可靠性。 [0006] The present invention solves the technical problem is to provide an accessory, the electronic device and to achieve accessory authentication system that can increase the security level key, to improve the security and reliability of electronic equipment parts.

[0007] 为解决上述技术问题，本发明采用的一个技术方案是:提供一种配件，包括加密芯片，所述加密芯片包括第一存储模块；所述第一存储模块用于存储私有认证密钥以及至少由公共认证密钥和伪密钥按照预定规则组合之后的混合认证密钥，以使电子设备的处理模块在所述电子设备和所述配件进行物理连接时按照与所述预定规则匹配的算法从所述混合认证密钥中至少提取出所述公共认证密钥，并使用所述公共认证密钥对所述配件进行认证。 [0007] To solve the above problems, an aspect of the present invention is that: to provide a fitting, comprising encryption chip, said encryption chip includes a first storage module; a first storage module for storing a private authentication key and at least a public authentication key and a dummy key in a hybrid authentication key after a predetermined rule combination, such that the processing module of the electronic device physically connected to the electronic device and the accessory when in accordance with said predetermined rule matching algorithm is extracted from the mixing authentication key in at least the said common authentication key, and using the public authentication key to the accessory authentication.

[0008] 其中，所述加密芯片还包括与所述第一存储模块连接的密钥产生模块，用于在所述配件和所述电子设备进行物理连接时产生所述私有认证密钥、公共认证密钥以及伪密钥，并至少将所述公共认证密钥和伪密钥按照预定规则进行组合以得到所述混合认证密钥，其中，在每次所述配件和所述电子设备进行物理连接时，所述密钥产生模块产生的公共认证密钥和私有认证密钥不相同。 [0008] wherein the encryption chip further includes a key connected to the first storage module generating module for generating said private authentication key when a physical connection of said fitting and said electronic device, a public certification key and dummy key and at least the public authentication key and the pseudo-key combination in accordance with a predetermined rule to obtain the mixed authentication key, wherein the physical connection at each said fitting and said electronic device when the key generation public authentication key and a private authentication key generated by the module are not identical.

[0009] 其中，所述加密芯片还包括解密模块；所述密钥产生模块用于将所述私有认证密钥、所述公共认证密钥以及所述伪密钥按照预定规则进行组合以得到所述混合认证密钥，并将所述混合认证密钥存储至所述第一存储模块中；所述解密模块用于接收所述处理模块按照与所述预定规则匹配的算法从所述混合认证密钥中提取出的所述私有认证密钥，并使用所述私有认证密钥对所述配件进行认证。 [0009] wherein the encryption chip further includes a decrypting module; the key generation module for the private authentication key, the public authentication key and the pseudo-key combination in accordance with a predetermined rule to obtain said mixing authentication key, and the mixing authentication key stored in the first storage module; said decryption means for receiving the processing module in accordance with the algorithm with the predetermined rule matching from the mixed authentication password the private authentication key key extracted and the accessories for authentication using the private authentication key.

[0010] 其中，所述加密芯片还包括计数模块，所述计数模块用于累计并存储所述配件被认证的次数。 [0010] wherein the encryption chip further includes a counting module, the counting means for accumulation and the number of storing the accessory is authenticated.

[0012] 为解决上述技术问题，本发明采用的另一个技术方案是:提供一种电子设备，包括处理模块，所述处理模块用于在所述电子设备和配件进行物理连接时，从所述配件的加密芯片中的第一存储模块读取至少由公共认证密钥和伪密钥按照预定规则组合之后的混合认证密钥，并按照与所述预定规则匹配的算法从所述混合认证密钥中至少提取所述公共认证密钥，以使用所述公共认证密钥对所述配件进行认证。 [0012] In order to solve the above problems, another aspect of the present invention uses: providing an electronic device includes a processing module, the processing module for the electronic devices and accessories for physical connection, from the fitting encryption chip in the first storage module to read at least a key by a public authentication key and a dummy key in a hybrid authentication key after a predetermined rule combinations, and according to the algorithm with the predetermined rule matching from the mixed authentication extracting at least the common authentication key, using the public authentication key to the accessory authentication.

[0013] 为解决上述技术问题，本发明采用的另一个技术方案是:提供一种实现配件认证的系统，包括配件和电子设备，所述配件包括加密芯片，所述加密芯片包括第一存储模块，所述电子设备包括处理模块；所述第一存储模块用于存储私有认证密钥以及至少由公共认证密钥和伪密钥按照预定规则组合之后的混合认证密钥；所述处理模块在所述配件和所述电子设备进行物理连接时按照与所述预定规则匹配的算法从所述混合认证密钥中至少提取出所述公共认证密钥，并使用所述公共认证密钥对所述配件进行认证。 [0013] In order to solve the above problems, another aspect of the present invention uses: providing an implementation accessory authentication system, including accessories and electronic equipment, said fitting includes an encryption chip, said encryption chip comprises a first memory module the electronic device includes a processing module; the first storage means for storing the private authentication key and at least a public authentication key and a dummy key in a hybrid authentication key after a predetermined rule combinations thereof; said processing module of the when the physical connection of said fitting and said electronic equipment in accordance with the algorithm with the predetermined rule matching is extracted from the mixing authentication key in at least the said common authentication key, and using the public authentication key to the fitting authentication.

[0014] 其中，所述加密芯片还包括与所述第一存储模块连接的密钥产生模块，用于在所述配件和所述电子设备进行物理连接时产生所述公共认证密钥、私有认证密钥以及伪密钥，并至少将所述公共认证密钥和伪密钥按照预定规则进行组合以得到所述混合认证密钥，其中，在每次所述配件和所述电子设备进行物理连接时，所述密钥产生模块产生的公共认证密钥和私有认证密钥不相同。 [0014] wherein the encryption chip further includes a key connected to the first storage module generating module, for generating a common authentication key when a physical connection of said fitting and said electronic apparatus, private authentication key and dummy key and at least the public authentication key and the pseudo-key combination in accordance with a predetermined rule to obtain the mixed authentication key, wherein the physical connection at each said fitting and said electronic device when the key generation public authentication key and a private authentication key generated by the module are not identical.

[0015] 其中，所述加密芯片还包括解密模块；所述密钥产生模块用于将所述私有认证密钥、所述公共认证密钥以及所述伪密钥按照预定规则进行组合以得到所述混合认证密钥，并将所述混合认证密钥存储至所述第一存储模块中；所述处理模块用于按照与所述预定规则匹配的算法从所述混合认证密钥中提取所述私有认证密钥，并将所述私有认证密钥发送给所述解密模块，所述解密模块用于接收所述私有认证密钥，并使用所述私有认证密钥对所述配件进行认证。 [0015] wherein the encryption chip further includes a decrypting module; the key generation module for the private authentication key, the public authentication key and the pseudo-key combination in accordance with a predetermined rule to obtain said mixed authentication key, and the mixed authentication key stored in the first storage module; the processing module is used in accordance with the predetermined rule matching algorithm from the mixed authentication key extracted from the private authentication key and a private authentication key is transmitted to said decryption module, said decryption means for receiving the private authentication key, and using the private authentication key to the accessory authentication.

[0016] 其中，所述加密芯片还包括计数模块，所述计数模块用于累计并存储所述配件被认证的次数。 [0016] wherein the encryption chip further includes a counting module, the counting means for accumulation and the number of storing the accessory is authenticated.

[0017] 本发明的有益效果是:区别于现有技术的情况，本发明的配件中配置有加密芯片，加密芯片用于存储私有认证密钥以及至少由公共认证密钥和伪密钥按照预定规则组合之后的混合认证密钥，从而使得电子设备在和配件进行物理连接时，需先按照与预定规则匹配的算法从混合认证密钥中提取出公共认证密钥，才能使用公共认证密钥对配件进行认证，通过将公共认证密钥和伪密钥混合在一起，利用伪密钥将公共认证密钥进行隐藏，由此可减小密钥被黑客破解的几率，有利于提高密钥的安全级别。 [0017] Advantageous effects of the present invention are: to be distinguished from the prior art, the fitting of the present invention is disposed encryption chip, encryption chip for storing a private authentication key and at least a public authentication key and a dummy key according to a predetermined mixing authentication key after the combination of rules, so that the electronic device at the time of and accessories for the physical connection, must first extracted according to the matching algorithm with a predetermined rule from the mixed authentication key in the common authentication key to use the common authentication key accessories for certification by the public authentication key and the pseudo-key mixed together using a pseudo key public authentication key to hide, thereby reducing the chances of a key being cracked by hackers, will help improve the security key level.

附图说明 BRIEF DESCRIPTION

[0018] 图1是本发明实现配件认证的系统一实施方式的结构示意图； [0018] FIG. 1 is a present invention achieves accessory authentication system structural diagram according to an embodiment;

[0019] 图2是本发明实现配件认证的系统另一实施方式的结构示意图。 [0019] FIG. 2 is a block diagram of a system according to the present invention is implemented accessory authentication according to another embodiment.

具体实施方式 Detailed ways

[0020] 下面将结合附图和具体的实施方式对本发明进行详细说明。 [0020] below with reference to the accompanying drawings and specific embodiments of the present invention will be described in detail.

[0021] 参阅图1，本发明实现配件认证的系统一实施方式中，包括配件11和电子设备13。 [0021] Referring to Figure 1, the system according to the present invention is implemented accessory authentication to an embodiment, comprising a fitting 11 and the electronic device 13.其中，配件11可以为充电器、数据线、耳机等，电子设备13可以是手机、平板电脑或其他电子设备。 Wherein, fitting 11 may be a charger, a data cable, headphones etc., the electronic device 13 may be a mobile phone, a tablet computer or other electronic device.

[0022] 配件11包括加密芯片111，以实现对配件的加密功能。 [0022] The fitting 11 includes an encryption chip 111, in order to achieve encryption function fitting.加密芯片111包括第一存储模块121和解密模块123，第一存储模块121用于存储私有认证密钥以及由公共认证密钥和伪密钥组合之后的混合认证密钥。 Encryption chip 111 includes a first storage module 121 and decryption module 123, a first storage module 121 for storing a private authentication key and hybrid authentication key after the combination by the public authentication key and a dummy key.本实施方式中，采用非对称加密算法和真假密钥的方法同时对配件11进行加密。 The present embodiment, using an asymmetric encryption algorithm and a genuine key method of simultaneously fitting 11 is encrypted.非对称加密算法需要两个密钥，即公共认证密钥和私有认证密钥。 Asymmetric encryption algorithms require two keys, i.e., the public authentication key and a private authentication key.公共认证密钥和私有认证密钥为一对验证密钥对，若使用公共认证密钥进行加密，则只能使用对应的私有认证密钥才能解密，若使用私有认证密钥进行加密，则只能使用对应的公共认证密钥才能解密。 Public authentication key and a private authentication key is a verification key pair, if using public authentication key is encrypted, you can only use the corresponding private authentication key can decrypt, encrypt if using a private authentication key, only the You can use the corresponding public authentication key can decrypt.

[0023] 其中，第一存储模块121所存储的混合认证密钥是将公共认证密钥和伪密钥按照预定规则进行混合后得到的密钥数据。 [0023] wherein mixing the authentication key of the first storage module 121 stores the key data public authentication key and the dummy keys are mixed according to a predetermined rule obtained.

[0024] 本实施方式中，公共认证密钥和伪密钥的组合方式为将公共认证密钥和多个伪密钥进行排列，例如真的公共认证密钥为A，伪密钥有B1、B2、B3、B4，可以将A、B1、B2、B3、B4五个密钥按照一定的顺序进行排列，如将A排在第三位，即五个密钥的排列顺序为B1、B2、A、B3、B4，然后将排列组合后得到的数据存储至第一存储模块201中以得到混合认证密钥。 [0024] In the present embodiment, the combination of public authentication key and a dummy key is for the public authentication key and a plurality of dummy keys are arranged, for example, really common authentication key for A, the dummy key has B1, B2, B3, B4, may be a, B1, B2, B3, B4 five keys arranged in a certain order, such as the a is ranked third, i.e. the order five keys of B1, B2, a, the data stored in the first storage module 201 B3, B4, then the permutations obtained to give a mixed authentication key.

[0025] 电子设备13包括处理模块131。 [0025] The electronic device 13 includes a processing module 131.处理模块131用于在电子设备13和配件11进行物理连接(即电性连接，实现功能性连接前)时，从第一存储模块121中读取混合认证密钥，并按照预定算法从混合认证密钥中提取公共认证密钥，并使用公共认证密钥验证配件是否为合法配件。 The processing module 131 for performing physical connection in the electronic device 13 and accessories 11 (i.e., electrically connected, to realize the front functionally linked), reading mixed authentication key from the first storage module 121, and according to a predetermined algorithm from Hybrid Authentication key extracts the public authentication key, and use common authentication key authentication accessories are legitimate parts.电子设备13和配件11之间的连接可以是有线连接(例如通过USB通道进行连接)也可以是无线连接。 The connection between the 13 and the fitting 11 the electronic device may be a wired connection (e.g., connected by USB channel) may also be a wireless connection.

[0026] 其中，预定算法为和所述预定规则相匹配的算法，该算法和该预定规则可以是电子设备厂商和合法的配件厂商进行协商制定，该预定规则仅是被电子设备厂商和合法的配件厂商所知。 [0026] wherein the predetermined algorithm and the predetermined rule match algorithm and the predetermined rule may be an electronic equipment manufacturers and legitimate parts manufacturers consultations formulation, the predetermined rule is used only when the electronic device manufacturers and legitimate parts manufacturers known.以上述公共认证密钥A和四个伪密钥B1、B2、B3、B4的组合方式为例，公共认证密钥A和伪密钥的组合方式应是按照B1、B2、A、B3、B4的方式进行排列，从而处理模块301只需根据预先制定好的规则从混合认证密钥中提取第三位密钥，即可得到真的公共认证密钥。 In the common authentication key A, and four dummy keys B1, B2, combinations B3, B4 for example, combinations of common authentication key A and the dummy key should be in accordance with B1, B2, A, B3, B4 manner are arranged, so that the processing module 301 simply extracts the third key from mixing the authentication key according to pre-established rules, to obtain a really common authentication key.通过将真的公共认证密钥混合在伪密钥中，利用伪密钥对真的公共认证密钥进行隐藏，因此除非是获知公共认证密钥和伪密钥的组合方式，否则将难以获知哪一个才是真的公共认证密钥，由此提高了公共认证密钥的安全级别，使得黑客难以发现真的公共认证密钥，降低了密钥被黑客破解的几率，以确保密钥的可靠性。 By really common authentication key mixing in spurious keys, using the pseudo-key really common authentication key to hide, so unless it is informed of combinations of public authentication key and the pseudo-key, otherwise it will be difficult to know which one is really common authentication key, thereby increasing the safety level of public authentication key, making it harder for hackers find true public authentication key, reduces the chances of a key being cracked by hackers, to ensure that key reliability .

[0027] 为了进一步确定所使用公共认证密钥是正确的，即确认公共认证密钥没有被篡改过，电子设备13还包括第二存储模块133，用于存储公共验证密钥，该公共验证密钥为和私有认证密钥为一对验证密钥对。 [0027] To further confirm that the public authentication key is correct, i.e., confirm common authentication key has not been tampered with, the electronic device 13 further comprises a second storage module 133 for storing the public verification key, the common authentication password key to and private authentication key is a verification key pair.处理模块131从混合认证密钥中获取公共认证密钥后，使用公共验证密钥对公共认证密钥进行验证，即将公共认证密钥和公共验证密钥进行比较，当公共认证密钥和公共验证密钥相一致时，则该公共认证密钥被验证为正确的公共认证密钥，从而处理模块131使用被验证后的公共认证密钥对配件进行认证。 After the processing module 131 acquires the public authentication key from the mixed authentication key using the public verification key to verify the common authentication key, i.e. a public authentication key and a public verification key are compared, when the public authentication key and a public validation when the keys match, then the common authentication key is verified as correct public authentication key, so that the processing module 131 in the public authentication key after being verified for components authentication.

[0028] 在认证过程中，处理模块131使用公共认证密钥对消息进行加密，并将加密后的消息发送给配件11。 [0028] In the authentication process, the processing module 131 in the public authentication key to encrypt the message, and sends the encrypted message to the fitting 11.配件11的解密模块123接收该加密后的消息，并使用私有认证密钥对接收到的消息进行解密，然后将解密的消息作为响应发送给处理模块131。 Accessories decryption module 11 of the 123 received message the encryption, and using the private authentication key received message is decrypted, and the decrypted message as processing module 131 in response to a.处理模块131确定该响应是否适当，若适当，则配件11被认证为合法的配件。 The processing module 131 determines whether the response properly, if appropriate, the fitting 11 is authenticated as a legitimate parts.从而，在认证配件11为合法的配件后，电子设备13和配件11由物理性连接变为功能性连接，电子设备13正常使用配件11的功能，例如进行充电、传输数据等。 Whereby, after the authentication fitting 11 is a legal accessory, the electronic device 13 and fitting 11 are connected by a physical becomes functionally linked to the electronic device 13 use of the function parts 11, for example, charging, transferring data and the like.如果配件11不被认证，则配件11被禁用。 If the fitting 11 is not authenticated, the fitting 11 is disabled.由此，在使用配件11之前先对配件11进行认证，以确认配件11是否为原装或合法的配件，在确认为原装或合法的配件后，方使用配件11的功能，从而确保电子设备13所使用的配件为合法配件，进而提高电子设备13使用配件11的安全性和可靠性。 Thus, before using the fitting 11 prior to fitting 11 certification to confirm fitting 11 is a genuine or legitimate parts, after confirming for the original or legitimate accessories, party uses functional parts 11, thereby ensuring the electronic device 13 use accessories as legitimate parts, thereby increasing the electronic device 13 to use the security and reliability of the fitting 11.

[0029] 其中，在认证过程中的加解密的数据通道可以利用电子设备13和配件11现有的连接通道实现。 [0029] wherein, in the authentication process of encryption and decryption of the data channel 13 and the electronic device may utilize a conventional fitting 11 connecting channel realization.电子设备13通常设有外部通信接口，如USB、UART等，电子设备13和配件11之间可以使用现有的通信接口进行密钥、数据和控制指令等的数据传输，以充分利用现有的资源实现对配件11的认证。 The electronic device 13 is typically provided with an external communication interface, such as USB, UART, etc., the electronic device may use an existing communication interface between 13 and fitting 11 keys, data and control commands such as data transmission, to full advantage of existing resources to achieve certification fitting 11.

[0030] 因此，本实施方式中，通过对配件11配置加密芯片111，以使得配件11具有加密功能，以实现对配件11的认证，不仅能够提高电子设备13使用配件11的安全性，且采用伪密钥将真的公共认证密钥进行隐藏的加密算法，可以提高密钥的安全级别，防止真的密钥被黑客破解。 [0030] Accordingly, the present embodiment, by configuring the encryption chip 111 pairs of parts 11, so that the fitting 11 has an encryption function, in order to achieve authentication fitting 11 can not only improve the electronic device 13 using the security fitting 11, and using pseudo key will be really common authentication key hidden encryption algorithm, we can improve the level of security keys, to prevent the real key is compromised by hackers.此外，通过加密芯片111，还可以实现对配件11的跟踪、识别好判断等，便于对配件11进行管理。 Further, the encryption chip 111 may also be implemented to track parts 11, identifying good judgment, facilitate the fitting 11 to manage.

[0031] 在本发明实现配件认证的系统的其他实施方式中，公共认证密钥和伪密钥还可以按照其他预定规则进行组合，例如将组成公共认证密钥的数据混合至伪密钥中，然后电子设备提取预定位置的数据，并进行重新组合以得到公共认证密钥。 [0031] In other embodiments of the present invention achieves accessory authentication system, the common authentication key and the dummy keys may also be combined in other predetermined rules, for example, composition data common authentication key mixed into the dummy keys, then the electronic device to extract data of a predetermined position, and re-combined to obtain a common authentication key.举例而言，假设公共认证密钥为1100，伪密钥为2222，将公共认证密钥的四位数按照预定位置混合至伪密钥的四位数中得到一串八位数据，该八位数据例如为12212020，此时电子设备按照预定算法提取第一位、第四位、第六位以及第八位数字，并将所提取出的数字进行重新组合从而得到公共认证密钥。 For example, assume that the public authentication key 1100, the dummy key is 2222, and the resulting string of eight data digit common authentication key digit mixed to a predetermined position of the dummy key, the eight data, such as 12212020, then the electronic device extracted in accordance with a predetermined algorithm for the first, fourth, sixth and eighth digit, and the mentioned numbers extracted re-combined to give a common authentication key.由于黑客难以获知公共认证密钥和伪密钥之间的组合规则，因此难以找到真的公共认证密钥，由此提高了密钥的安全级别，降低被黑客破解的几率。 As hackers is difficult to know the rule of combination between the public authentication key and the pseudo-key, it is difficult to find a true public authentication key, thereby increasing the level of security keys, reducing the chance of hackers to crack.

[0032] 此外，在其他实施方式中，也可以将私有认证密钥混合到伪密钥中，即第一存储模块用于存储由私有认证密钥、公共认证密钥和伪密钥按照预定规则进行组合之后的混合认证密钥。 [0032] Furthermore, in other embodiments, may be a private authentication key mixed pseudo keys, i.e., a first storage means for storing a private authentication key, a public authentication key and a dummy key according to a predetermined rule mixing authentication key after combining.此时，当配件和电子设备进行物理性连接时，电子设备的处理模块按照预定算法从混合认证密钥中提取出公共认证密钥和私有认证密钥，并将私有认证密钥发送给解密模块，从而解密模块利用该私有认证密钥进行解密，以实现对配件的认证。 At this time, when the accessory and the electronic device physically connected, the processing module of the electronic device extracted in accordance with a predetermined algorithm from the mixed authentication key in a public authentication key and a private authentication key, and sends the private authentication key to the decryption module thereby decryption module by using the private authentication key for decryption, in order to achieve authentication accessories.通过上述方式，可以防止公共认证密钥和私有认证密钥被黑客破解，提高密钥的安全级别。 By the above manner, it is possible to prevent the public authentication key and a private authentication key is compromised by hackers, increase the security level of the key.

[0033] 本发明实现配件认证的系统的另一实施方式中，采用随机的密钥对配件进行认证，以提高认证的可靠性，进一步确保电子设备所使用的配件为合法的配件。 [0033] Another embodiment of the present invention achieves accessory authentication system using a random key accessories for certification to improve authentication reliability, further to ensure that the electronic devices used in fitting legitimate parts.具体地，参阅图2，加密芯片211还包括与第一存储模块221连接的密钥产生模块225。 In particular, referring to Figure 2, the encryption chip 211 further comprises a key connected to the first storage module 221 generating module 225.密钥产生模块225用于在配件21和电子设备23进行物理连接时产生私有认证密钥、公共认证密钥以及伪密钥，并至少将公共认证密钥和伪密钥按照预定规则进行组合以得到混合认证密钥。 Key generation module 225 for generating a private authentication key, a public authentication key and a pseudo key when fittings 21 and electronic device 23 are physically connected, and at least a public authentication key and the pseudo-key combination in accordance with predetermined rules get mixed authentication key.其中，本实施方式中，密钥产生模块225用于将私有认证密钥、公共认证密钥和伪密钥按照预定规则进行组合以得到混合认证密钥，第一存储模块221用于存储由私有认证密钥、公共认证密钥和伪密钥组合之后的混合认证密钥。 Wherein, in this embodiment, the key generation module 225 for the private authentication key, a public authentication key and the pseudo-key combination in accordance with a predetermined rule to give a mixed authentication key, first storage module 221 for storing a private mixing authentication key after the authentication key, the public authentication key and the pseudo-key combination.

[0034] 此外，密钥产生模块225以随机产生密钥的方式产生公共认证密钥和私有认证密钥，即在每次配件21和电子设备23进行物理连接时，密钥产生模块225产生的私有认证密钥和公共认证密钥不相同。 [0034] Further, the key generation module 225 as to randomly generated key to generate the public authentication key and a private authentication key, i.e., each time the fitting 21 and the electronic device 23 to be physically connected, the key generation module 225 generates a private authentication key and the public are not identical.例如，在配件21和电子设备23第一次进行物理连接时，密钥产生模块225产生的一对私有认证密钥和公共认证密钥为⑶，在配件21和电子设备23第二次进行物理连接时，密钥产生模块225产生的一对私有认证密钥和公共认证密钥为与密钥对CD不同的EF密钥对。 For example, when the fitting 21 and the electronic device 23 the first physical connection, the key generate a pair of private authentication key and a public authentication key module 225 generates for ⑶, fitting 21 and the electronic device 23 a second time physically when connected, the key generation module 225 generates a pair of private authentication key and public authentication keys with the key CD different EF key pair.

[0035] 进一步地，密钥产生模块225在每次产生密钥对时，产生的方式也不相同，其可以根据配件21被认证的次数来产生私有认证密钥和公共认证密钥，还可以根据当前时间来产生私有认证密钥和公共认证密钥。 [0035] Further, the key generation module 225 at each generation of the key pair, the way generated is not the same, which may be generated private authentication key and a public authentication key according to the number of authenticated fitting 21 may also be to generate private authentication key and public authentication key based on the current time.由此，通过将非对称加密算法、真假密钥算法和随机密钥算法同时用于对配件的加密，可使得黑客难以找到密钥，也无从找到密钥产生的规律，进而进一步提高密钥的安全性，有效地防止密钥被黑客攻击。 Thus, by asymmetric encryption algorithm, authenticity key algorithm and the random key algorithm used for both encryption of spare parts, it may be so difficult for a hacker to find the key, there is no way to find the law key generation, thereby further improving key security, effectively prevent the key from being hacked.

[0036] 本实施方式中，在对配件21进行认证时，电子设备23的处理模块231从第一存储模块221中读取混合认证密钥，并按照与所述的预定规则相匹配的算法从混合认证密钥中提取出公共认证密钥和私有认证密钥，并将私有认证密钥发送给解密模块223。 [0036] the present embodiment, when the fitting 21 authenticates the electronic device processing module 231 of the read mixed authentication key from the first storage module 221, and the algorithm according to a predetermined rule according matches from hybrid authentication key extracted public authentication key and a private authentication key and a private authentication key to the decrypting module 223.之后，处理模块231使用公共验证密钥对提取出的公共认证密钥进行验证，在公共认证密钥被验证后，处理模块231使用公共认证密钥对消息进行加密，并将加密后的消息发送给解密模块223。 Thereafter, the processing module 231 in the public verification key extracted from the public authentication key to verify, after the common authentication key is verified, the processing module 231 in the public authentication key to encrypt the message, and sends the encrypted message to the decryption module 223.解密模块223使用处理模块231发送过来的私有认证密钥对接收到的加密的消息进行解密，并将解密后的消息作为响应发送给处理模块231。 Encrypted message decryption module 223 using the processing module 231 sent by private authentication key received is decrypted and the message is decrypted as a response to the processing module 231.处理模块231确定该响应是否正确，若正确，则配件21被认证，电子设备23正常使用配件21的功能，否则，配件21将被禁止，由此确保了电子设备23使用的配件21为合法配件，提高安全性和可靠性。 Processing module 231 determines whether the response is correct, if correct, the fitting 21 is authenticated, the electronic device 23 use of the function parts 21, otherwise fitting 21 will be prohibited, thereby ensuring the accessories electronic equipment 23 21 used for the legitimate Accessories improve security and reliability.

[0037]当然，在其他实施方式中，还可以是由解密模块223从第一存储模块221中读取混合认证密钥，并从混合认证密钥中提取出私有认证密钥，以使用私有认证密钥进行解密；或者也可以是由解密模块223从混合认证密钥中提取出公共认证密钥和私有认证密钥，并将公共认证密钥发送给处理模块231，以使处理模块231使用该公共认证密钥对配件21进行认证。 [0037] Of course, in other embodiments, may also be read mixed authentication key from the first storage module 221 by the decryption module 223, and extracts the private authentication key from the mixed authentication keys, using the private certification key for decryption; or may be extracted by the decryption module 223 from mixing the authentication key in a public authentication key and a private authentication key, and transmits the public authentication key to the processing module 231 to the process module 231 using the public authentication key accessories 21 certification.

[0038] 继续参阅图2，在本实施方式中，加密芯片211进一步还包括计数模块227。 [0038] With continued reference to FIG. 2, in the present embodiment, the encryption chip 211 further includes a counting module 227.计数模块227用于累计并存储配件21被认证的次数。 Counting module 227 to accumulate the number of times and storing the fitting 21 to be authenticated.具体地，当解密模块223发生解密事件时，计数模块227在检测到解密模块223的解密事件后即加“1”，由此实现对认证次数的累计。 Specifically, when the decryption module 223 to decrypt the event, the counting module 227 adds "1" is detected decryption module event 223 after, thereby to achieve total certification number.电子设备23处理模块231可以通过读取配件21被认证的次数，以根据该被认证的次数进行相关处理，例如，可以根据被认证的次数获知配件21被使用的次数，进而进行收费管理，还可以根据被认证的次数计算配件21的寿命等。 The electronic device 23 processing module 231 may often be certified 21, to perform correlation processing in accordance with the number of the authenticated, for example, can be learned by reading the fitting according to the number of authenticated number of uses of parts 21, and further charges management, further life fitting 21 can be calculated based on the number to be authenticated.

[0039] 此外，计数模块227还可以用于累计配件21的使用时长，以确定配件21的大约寿命O [0039] In addition, the counting module 227 may also be used for a long time using accumulated fitting 21 to determine the fitting about the life O 21

[0040] 在本发明实现配件认证的系统的实施方式中，配件的加密芯片还具有唯一的序列号，以便于对配件进行管理和真伪识别。 [0040] In an embodiment of the present invention achieves accessory authentication system, fitting the encryption chip also has a unique serial number, so that for parts management and authenticity identification.电子设备在使用密钥对配件进行人证之前，处理模块可以通过获取加密芯片的序列号来辨别配件是否是假冒伪略产品，例如可以通过网络云端将获取的序列号和正确的序列号进行比对以判定获取的序列号的真伪，并且在识别真伪后还可以对该序列号进行标注和管理，由此通过所标注的信息即可快速判断出序列号的真假。 Electronic equipment in use key accessories for witnesses before processing module can obtain the encryption chip serial number to identify the parts are fake and pseudo slightly products, such as through a network cloud to get the serial number and the correct serial number for comparison to determine the authenticity of the sequence number acquired, and may further be labeled and the management of the serial number to identify the authenticity, whereby the information is marked by can quickly determine the authenticity of the sequence number.

[0041] 因此，通过为加密芯片配置唯一的序列号，从而保障配件的唯一性和排他性，为后续的配件认证增加了一道硬件屏障。 [0041] Accordingly, by arranging a unique serial number for the encryption chip, in order to protect the sole and exclusive parts, an increase in the hardware authentication barrier for subsequent fitting.

[0042] 本发明还提供配件的一实施方式，所述配件为上述任一实施方式中所描述的配件。 [0042] The present invention further provides a fitting embodiment, the fitting is a fitting any of the embodiments described herein.

[0043] 本发明还提供电子设备的一实施方式，所述电子设备为上述任一实施方式中所描述的电子设备。 [0043] The present invention further provides an embodiment of an electronic device, the electronic device is an electronic device in any of the above described embodiments.

[0044] 以上所述仅为本发明的实施方式，并非因此限制本发明的专利范围，凡是利用本发明说明书及附图内容所作的等效结构或等效流程变换，或直接或间接运用在其他相关的技术领域，均同理包括在本发明的专利保护范围内。 [0044] The above are only embodiments of the present invention, not intended to limit the scope of the present invention, all utilize the present specification and drawings taken equivalent structures or equivalent process, or applied directly or indirectly in the other Related technical fields shall fall within the scope of protection of the present invention.

Claims (10)

Translated from Chinese

1.一种配件，其特征在于，包括加密芯片，所述加密芯片包括第一存储模块； 所述第一存储模块用于存储私有认证密钥以及至少由公共认证密钥和伪密钥按照预定规则组合之后的混合认证密钥，以使电子设备的处理模块在所述电子设备和所述配件进行物理连接时按照与所述预定规则匹配的算法从所述混合认证密钥中至少提取出所述公共认证密钥，并使用所述公共认证密钥对所述配件进行认证。 A fitting, characterized in that it comprises an encryption chip, the chip includes a first storage encryption module; the first storage means for storing at least a private authentication key and public key authentication and key according to a predetermined pseudo mixing authentication key after the rule combination, such that the processing module of the electronic device physically connected to the electronic device and the accessory when in accordance with said predetermined rule matching algorithm is extracted from the mixing authentication keys at least the the said common authentication key, and using the public authentication key to the accessory authentication.

2.根据权利要求1所述的配件，其特征在于， 所述加密芯片还包括与所述第一存储模块连接的密钥产生模块，用于在所述配件和所述电子设备进行物理连接时产生所述私有认证密钥、公共认证密钥以及伪密钥，并至少将所述公共认证密钥和伪密钥按照预定规则进行组合以得到所述混合认证密钥，其中，在每次所述配件和所述电子设备进行物理连接时，所述密钥产生模块产生的公共认证密钥和私有认证密钥不相同。 2. The accessory according to claim 1, wherein said encryption chip further includes a key connected to the first storage module generating module, for performing physical connection of said fitting and said electronic device the private authentication key is generated, and the pseudo-public key authentication key, and at least the pseudo-public key authentication and key combination according to a predetermined rule to obtain the mixed authentication key, wherein, in each of the when the physical connection of said fitting and said electronic device, said key generation public authentication key and a private authentication key generated by the module are not identical.

3.根据权利要求2所述的配件，其特征在于， 所述加密芯片还包括解密模块； 所述密钥产生模块用于将所述私有认证密钥、所述公共认证密钥以及所述伪密钥按照预定规则进行组合以得到所述混合认证密钥，并将所述混合认证密钥存储至所述第一存储模块中； 所述解密模块用于接收所述处理模块按照与所述预定规则匹配的算法从所述混合认证密钥中提取出的所述私有认证密钥，并使用所述私有认证密钥对所述配件进行认证。 3. The fitting of claim 2, wherein said encryption chip further includes a decrypting module; the key generation module for the private authentication key, the public authentication key and the dummy key in accordance with predetermined rules are combined to obtain the mixed authentication key, and the mixing authentication key stored in the first storage module; the decryption receiving the processing module module is configured according to the predetermined the private authentication key algorithm matching rule extracted from the mixing of the authentication key, and authenticate the accessory using the private authentication key.

4.根据权利要求1所述的配件，其特征在于， 所述加密芯片还包括计数模块，所述计数模块用于累计并存储所述配件被认证的次数。 4. The fitting according to claim 1, wherein said encryption chip further includes a counting module, the counting means for accumulation and the number of storing the accessory is authenticated.

5.根据权利要求1所述的配件，其特征在于， 所述加密芯片具有唯一的序列号。 The fitting according to claim 1, wherein said encryption chip has a unique serial number.

6.一种电子设备，其特征在于，包括处理模块； 所述处理模块用于在所述电子设备和配件进行物理连接时，从所述配件的加密芯片中的第一存储模块读取至少由公共认证密钥和伪密钥按照预定规则组合之后的混合认证密钥，并按照与所述预定规则匹配的算法从所述混合认证密钥中至少提取所述公共认证密钥，以使用所述公共认证密钥对所述配件进行认证。 An electronic apparatus comprising a processing module; said processing module is configured in the electronic equipment and accessories to be physically connected, read from the fitting encryption chip in the first storage module by at least public authentication key and a dummy key in a hybrid authentication key after a predetermined rule combinations, and according to the algorithm with the predetermined rule matching is extracted from the mixing authentication keys at least the common authentication key, using the the public authentication key to the accessory authentication.

7.一种实现配件认证的系统，其特征在于，包括配件和电子设备，所述配件包括加密芯片，所述加密芯片包括第一存储模块，所述电子设备包括处理模块； 所述第一存储模块用于存储私有认证密钥以及至少由公共认证密钥和伪密钥按照预定规则组合之后的混合认证密钥； 所述处理模块在所述配件和所述电子设备进行物理连接时按照与所述预定规则匹配的算法从所述混合认证密钥中至少提取出所述公共认证密钥，并使用所述公共认证密钥对所述配件进行认证。 A realization accessory authentication system, characterized by comprising parts and electronic device, said accessory comprising encryption chip, said encryption chip includes a first storage module, the electronic device includes a processing module; the first storage means for storing the private authentication key and at least a public authentication key and a dummy key in a hybrid authentication key after a predetermined rule combinations thereof; said processing module is physically connected to the accessory and the electronic device when in accordance with the algorithm said predetermined matching rule is extracted from the mixing authentication key in at least the said common authentication key, and using the public authentication key to the accessory authentication.

8.根据权利要求7所述的系统，其特征在于， 所述加密芯片还包括与所述第一存储模块连接的密钥产生模块，用于在所述配件和所述电子设备进行物理连接时产生所述公共认证密钥、私有认证密钥以及伪密钥，并至少将所述公共认证密钥和伪密钥按照预定规则进行组合以得到所述混合认证密钥，其中，在每次所述配件和所述电子设备进行物理连接时，所述密钥产生模块产生的公共认证密钥和私有认证密钥不相同。 8. The system of claim 7, wherein the encryption chip further includes a key connected to the first storage module generating module, for performing physical connection of said fitting and said electronic device generating the common authentication key, the private authentication key and a pseudo key and at least the public authentication key and the pseudo-key combination in accordance with a predetermined rule to obtain the mixed authentication key, wherein, in each of the when the physical connection of said fitting and said electronic device, said key generation public authentication key and a private authentication key generated by the module are not identical.

9.根据权利要求8所述的系统，其特征在于， 所述加密芯片还包括解密模块； 所述密钥产生模块用于将所述私有认证密钥、所述公共认证密钥以及所述伪密钥按照预定规则进行组合以得到所述混合认证密钥，并将所述混合认证密钥存储至所述第一存储模块中； 所述处理模块用于按照与所述预定规则匹配的算法从所述混合认证密钥中提取所述私有认证密钥，并将所述私有认证密钥发送给所述解密模块，所述解密模块用于接收所述私有认证密钥，并使用所述私有认证密钥对所述配件进行认证。 9. The system of claim 8, wherein the encryption chip further includes a decrypting module; the key generation module for the private authentication key, the public authentication key and the dummy key in accordance with predetermined rules are combined to obtain the mixed authentication key, and the mixing authentication key stored in the first storage module; and the processing module is configured in accordance with the algorithm with the predetermined rule matching from the extracts mixing authentication key of the private authentication key and a private authentication key is transmitted to said decryption module, said decryption means for receiving the private authentication key, and using the private authentication key to the accessory authentication.

10.根据权利要求7所述的系统，其特征在于， 所述加密芯片还包括计数模块，所述计数模块用于累计并存储所述配件被认证的次数。 10. The system according to claim 7, wherein the encryption chip further includes a counting module, the counting means for accumulation and the number of storing the accessory is authenticated.